"We can end government censorship in a decade," Schmidt said during a speech in Washington. "The solution to government surveillance is to encrypt everything."

Setting aside the entertaining aspect of the source of said statement, I don't think encryption in and of itself is enough. Encryption performed by companies is useless, since we know by now that companies - US or otherwise - are more than eager to bend over backwards to please their governments.

What we need is encryption that we perform ourselves, so that neither governments nor companies are involved. I imagine some sort of box between your home network and the internet, that encrypts and decrypts everything, regardless of source or destination. This box obviously needs to run open source software, otherwise we'd be right back where we started.

You are right, it's funny that these corporations just assumed they were safe. This is a mistake many civilians make, but you'd think the corporations themselves would be a bit more savvy.

The whole irony of this story is that many of these corporations do not *really* want their users to have end to end encryption. They could store user data such that they themselves don't have access to it if they really wanted to, private communications could go through them while remaining safely encrypted. However the current business models for companies like facebook & google are highly dependent on prodding around user data to sell ads. I wonder if they'd even continue to provide those services for free if all they could ever see was opaque encrypted data?

Of course they have every incentive to protect *their* infrastructure from government snooping, but I very much doubt they care to build infrastructures that protect users from corporate snooping. The fact remains that so long as user data isn't cryptographically safe from corporate snooping, then there's always the risk that user data will end up in government hands anyways through secret court orders and even government spies working as corporate security officers obtaining network keys, etc.